Does Stellate have any unpatched vulnerabilities?

No. All known vulnerabilities in Stellate have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Stellate compatible with WordPress 6.4.0?

According to WordPress.org data, Stellate 0.1.8 has been tested up to WordPress 6.4.0. Check the plugin's changelog for the latest compatibility information.

Is Stellate compatible with PHP 7.1+?

Stellate requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Stellate updated?

Stellate was last updated on Mar 7, 2024. Frequent updates are generally a positive security signal.

What is Stellate's security score?

Stellate has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Stellate Security & Risk Analysis

wordpress.org/plugins/stellate

Stellate plugin for WordPress

80 active installs v0.1.8 PHP 7.1+ WP 5.0+ Updated Mar 7, 2024

apicachinggraphqlstellatewpgraphql

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Stellate Safe to Use in 2026?

Generally Safe

Score 85/100

Stellate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The 'stellate' v0.1.8 plugin exhibits a very strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly limits its attack surface. Furthermore, the code signals are highly encouraging, with no dangerous functions, all SQL queries utilizing prepared statements, and a high percentage of output being properly escaped. The lack of file operations and external HTTP requests, coupled with the absence of known vulnerabilities, further solidifies its secure design.

While the plugin's current version is remarkably secure, the analysis does highlight a few areas for potential future improvement or vigilance. The plugin does make one external HTTP request, which, though not identified as a risk in this analysis, is a common vector for vulnerabilities if not carefully managed. Additionally, the complete absence of nonce checks and capability checks, while not directly exploitable given the current zero attack surface, represents a lack of defensive coding practices that could become a vulnerability if new entry points are introduced in future versions. Overall, 'stellate' v0.1.8 appears to be a very secure plugin with no known vulnerabilities or immediate exploitable risks.

Key Concerns

External HTTP requests without checks
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Stellate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Stellate Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

88% escaped8 total outputs

Attack Surface

Stellate Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 23

actionadmin_initwp-stellate.php:36

actionadmin_menuwp-stellate.php:54

actionadmin_post_stellate_purge_allwp-stellate.php:152

actionregistered_post_typewp-stellate.php:202

actionregistered_taxonomywp-stellate.php:223

actionwp_insert_postwp-stellate.php:269

actiondeleted_postwp-stellate.php:304

actioncreated_categorywp-stellate.php:313

actionedited_categorywp-stellate.php:320

actiondelete_categorywp-stellate.php:327

actioncreated_post_tagwp-stellate.php:334

actionedited_post_tagwp-stellate.php:341

actiondelete_post_tagwp-stellate.php:348

actionwp_insert_commentwp-stellate.php:355

actionwp_set_comment_statuswp-stellate.php:367

actionedit_commentwp-stellate.php:374

actionwp_update_comment_countwp-stellate.php:381

actionwp_create_nav_menuwp-stellate.php:388

actionwp_delete_nav_menuwp-stellate.php:395

actionuser_registerwp-stellate.php:402

actionprofile_updatewp-stellate.php:409

actiondelete_userwp-stellate.php:416

actionshutdownwp-stellate.php:437

Maintenance & Trust

Stellate Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.0

Last updatedMar 7, 2024

PHP min version7.1

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs80

Alternatives

Stellate Alternatives

WPGraphQL Smart Cache

wpgraphql-smart-cache

WPGraphQL Smart Cache is a WordPress plugin that provides fast, accurate API responses by intelligently caching and invalidating WPGraphQL queries.

6K 1 CVE

WPGraphQL

wp-graphql

WPGraphQL adds a flexible and powerful GraphQL API to WordPress, enabling efficient querying and interaction with your site's data.

30K 6 CVEs

WPGraphQL for ACF

wpgraphql-acf

100

WPGraphQL for ACF seamlessly integrates Advanced Custom Fields with WPGraphQL.

10K No CVEs

WPGraphQL Yoast SEO Addon

add-wpgraphql-seo

100

This plugin enables Yoast SEO Support for WPGraphQL.

9K No CVEs

WPGraphQL Send Mail

add-wpgraphql-send-mail

This plugin enables to send email via WPGraphQL.

500 No CVEs

Developer Profile

Stellate Developer Profile

Stellate

1 plugin · 80 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Stellate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

wrapform-tableregular-text

Data Attributes

autocompletedata-toggledata-targetdata-bs-toggledata-bs-targetdata-bs-placement

JS Globals

stellate_touched_purging_token

Shortcode Output

<h2>GraphQL Edge Caching with Stellate</h2><h3>Settings</h3><h3>Purge the entire cache</h3>

FAQ